October 2014

04/29/2013

Security and Integrity – Definitions and Why You Should Care

The IBM i 25th
anniversary celebration continues today with a focus on system integrity. Our
guest blogger on the topic is Jeff Uehling, security architect for IBM i and a
member of the IBM i development group in Rochester, Minn. Read Jeff’s post
and then join the conversation on Facebook.

All operating systems and add-on
security products that exist today provide the basic security capabilities one
would expect, including user and password management, the capability to authorize
a user to specific resources, some level of audit capabilities, network
security interfaces like SSL and encryption interfaces to help protect your
sensitive data. However, the level of security functionality provided tends to
vary greatly from platform to platform. This is especially true in areas like
security management (management, monitoring and reporting interfaces) and the
richness of audit features. On IBM i, you have all the interfaces needed to set
up and manage all areas of security and audit as well a secure run-time
environment. These integrated operating system capabilities provide for the capability to set up a very secure environment on which to run your business.

Before getting into a discussion
on system integrity, I need to briefly discuss the Technology Independent
Machine Interface (TIMI), often referred to as the MI layer of the IBM i server.
TIMI provides a flexible interface upon which the operating system is built. The
MI provides a significant architectural advantage that other servers available
in the marketplace cannot match. This layer allows the underlying hardware and
microcode to change without impacting the operating system and applications
that sit on top of it. (See “TIMI –
Protecting Investments and Integrity in IBM i”) I bring this up as this is
very important, not only because the MI layer provides a way for underlying hardware
and microcode to change, but also from a security and integrity perspective.
The MI layer has allowed us to make numerous changes over the many releases of
this platform in a manner that constantly improves its security and integrity
capabilities without disrupting your production applications.

So what’s the difference
between security and integrity? I’ve already discussed security and the
features involved, like user and authorization management, audit, encryption
and network security. All of these features are important and necessary to
provide for a secure run-time production environment. However, without system
integrity these features are somewhat meaningless. How can that be? And why
should you care? System integrity mechanisms built into a server ensure that
all of the security controls and interfaces implemented in the operating system
and microcode cannot be bypassed or compromised. In other words, system integrity mechanisms ensure that
the security mechanisms being used
to protect your data are actually in place, being run, enforcing the controls
that are intended to be in place, and cannot be compromised. If one can find a
way to bypass these security checks, the integrity of the system can certainly be
questioned. System integrity mechanisms should ensure that all the security
checks that an operating system needs to perform are performed
and enforced, as well as all audit data that the operating system and microcode
need to generate is generated and accurately logged. Certainly
one can see the importance of the system integrity mechanisms, because without
strong integrity, the security capabilities and thus your data accuracy can be
questioned.

IBM i has a history of system
integrity enhancements. For example, with innovations implemented in release
6.1, each and every object on IBM i was changed to be protected with the latest
integrity features available in the POWER hardware. Hardware Storage
Protection, which has been available in the POWER processors and used on IBM i
for many releases to protect objects and control blocks, was enhanced to
further protect these objects. The new level of Hardware Storage Protection
prevents direct access to data objects on IBM i, even protecting these objects
from an altered or patched operating system program. What this really means is that
the integrity characteristics of IBM i objects, including programs and data
files, have been enhanced to industry leading strength. These leading edge
integrity changes will provide critical security and integrity protection for
customers running IBM i in their businesses going forward.

In summary, I hope I have
made a case for having both security and integrity in IT platforms. Along the
way, we have looked at the many security features integrated with IBM i on
Power Systems and discussed its leading edge system integrity
characteristics. I’ll leave you with one
open question you can discuss in your organization: Do all of the OTHER
production servers you use to run your business have the necessary security AND
system integrity characteristics required to protect your applications and data
against the constant threats inherent in today’s network accessible world?

IBM Systems Magazine is a trademark of International Business Machines Corporation. The editorial content of IBM Systems Magazine is placed on this website by MSP TechMedia under license from International Business Machines Corporation.